ModSecurity Blog

ModSecurity 2.6 will likely be the last branch before ModSecurity 3. The 2.6 branch will concentrate on polishing up the current 2.5 feature set, performance, ease of use, supporting arbitrary character sets, and better documentation. I'll be posting 2.6 development releases periodically for users to test and comment on. So that you know what is planned, I am publishing the roadmap for 2.6 below.

Enhancements

Enhance persistent storage:

Allow relative changes to counters to be atomic.

Optimize storage and retrieval.

Enhance audit log sanitization:

Allow partial data sanitization.

Allow the RESPONSE_BODY to be sanitized.

Enhance external auditing/alerting (mlogc):

Optimize data queuing to lower RAM usage.

Allow sensor metrics to be sent to the console.

Add connection throttling which can be dictated by the console.

Allow for more flexibility when writing complex rules:

Add the ability to determine which targets previously matched.

Straighten out how non-disruptive actions work with chained rules.

Performance

Add a high performance IP address/network matching operator capable of large lists.